NIST Announces the release of 2 Draft documents: (1) DRAFT Special Publication 800-122, Guide to Protecting the Confidentiality of Personally Identifiable Information (PII) and (2) DRAFT NIST IR 7497 Draft Security Architecture Design Process for Health Information Exchanges (HIEs)
(1) NIST announces that draft Special Publication (SP) 800-122, Guide to Protecting the Confidentiality of Personally Identifiable Information (PII), is now available for public comment. SP 800-122 is intended to assist Federal organizations in identifying PII and determining what level of protection each instance of PII requires, based on the potential impact of a breach of the PII's confidentiality. The publication also suggests safeguards that may offer appropriate protection for PII and makes recommendations regarding PII data breach handling.
NIST requests comments on draft SP 800-122 by March 13, 2009. Please submit comments to firstname.lastname@example.org with "Comments SP 800-122" in the subject line.
URL to Draft SP 800-122 on Drafts page:
(2) NIST Interagency Report (IR) 7497, Draft Security Architecture Design Process for Health Information Exchanges (HIEs), is intended to provide a systematic approach to designing a technical security architecture for the exchange of health information that leverages common government and commercial practices and that applies them specifically to the HIE domain. This publication assists organizations in ensuring that data protection is adequately addressed throughout the system development life cycle, and that these data protection mechanisms are applied when the organization develops technologies that enable the exchange of health information.
Please submit your comments to email@example.com. The comment period for draft NIST IR 7497 closes on Friday March 13, 2009.
URL to Draft NIST IR 7497:
Computer Security Division